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EXAMINER'S ANSWER 



This is in response to the appeal brief filed February 25th, 2008, and the supplemental 
appeal brief filed April 10th, 2008, appealing from the Office action mailed May 22nd, 
2007. 
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(1) Real Party in Interest 

A statement identifying by name the real party in interest is contained in the brief. 

(2) Related Appeals and Interferences 

The examiner is not aware of any related appeals, interferences, or judicial 
proceedings which will directly affect or be directly affected by or have a bearing on the 
Board's decision in the pending appeal. 

(3) Status of Claims 

The statement of the status of claims contained in the brief is correct. 

(4) Status of Amendments After Final 

The appellant's statement of the status of amendments after final rejection 
contained in the brief is correct. 

(5) Summary of Claimed Subject Matter 

The summary of claimed subject matter contained in the brief is correct. 

(6) Grounds of Rejection to be Reviewed on Appeal 

The appellant's statement of the grounds of rejection to be reviewed on appeal is 
correct. 
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(7) Claims Appendix 

The copy of the appealed claims contained in the Appendix to the brief is correct. 

(8) Evidence Relied Upon 

The following is a listing of the prior art of record relied upon in the rejection of 
claims under appeal: 

Boden etal. (U.S. PGPub 2003/0145104), published on July 31st, 2003. 
Sakovetal. (U.S. PGPub 2002/0196802), published on December 26th, 2002. 
Forslow (U.S. PGPub 2002/0069278), published on June 6th, 2002. 
Le etal. (U.S. PGPub 2004/0019664), published on January 29th, 2004. 

(9) Grounds of Rejection 

The following ground(s) of rejection are applicable to the appealed claims: 

Claim Rejections - 35 USC § 102 

1 . The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), 
by another filed in the United States before the invention by the applicant for patent or (2) a 
patent granted on an application for patent by another filed in the United States before the 
invention by the applicant for patent, except that an international application filed under the treaty 
defined in section 351(a) shall have the effects for purposes of this subsection of an application 
filed in the United States only if the international application designated the United States and 
was published under Article 21(2) of such treaty in the English language. 
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2. Claims 1 , 2, 5, 9, 1 0, 1 3, 1 7, 1 8, 20, 21 , and 25-27 rejected under 35 
U.S.C. 102(e) as being anticipated by Boden etal. (U.S. PGPub 2003/0145104, 
hereinafter "Boden"). 

3. As per claim 1 , Boden teaches a method of dynamically connecting a client node 
to a serving network, comprising the steps of: 

providing an access network to which a client node has a network connection; 
(Boden, fig. 4 item 42 and Node A1) 

providing at least one access router having a network connection to said access 
network and having a network connection to at least one serving network; {Boden, 
paragraph 0039; see fig. 4 item 52) 

sending serving network provider advertising information to said client node; 
receiving from said client node serving network provider information specifying a serving 
network to which said client node desires access; and {Boden, paragraphs 0062-0072) 

establishing a communication tunnel between said client node and said access 
router through said access network, such that said client node is able to send and 
receive data packets to and from the serving network specified by said client node 
within said communication tunnel through said access network (Boden, paragraphs 
0073-0076; fig. 5 and 12). 
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4. As per claim 2, Boden teaches the system comprising the step of authenticating 
said client node prior to establishing said communication tunnel {Boden, paragraphs 
0050-0052 and fig. 9, through the use of IPsec). 

5. As per claim 5, Boden teaches the system further wherein said access router has 
network connections to at least two serving networks, said method further comprising 
the step of establishing a second communication tunnel between said client node and 
said access router through said access network, such that said client node is able to 
selectively send and receive data packets to and from each of said two serving 
networks (Boden, paragraph 0039 and fig. 4). 

6. As per claim 9, Boden teaches the system further wherein said at least one 
serving network comprises an Internet Service Provider network (Boden, paragraph 
0078-0081 where the gateway of fig. 4 has access to sites other than other listed 
remote VPNs). 

7. As per claim 1 0, Boden teaches the system further wherein said at least one 
serving network comprises a Network Access Provider network (Boden, paragraph 
0078-0081 where the gateway of fig. 4 has access to sites other than other listed 
remote VPNs). 
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8. As per claim 1 3, Boden teaches the system further wherein said access network 
comprises an IP access network (Boden, paragraphs 0034-0038). 

9. As per claim 1 7, Boden teaches the system further wherein said client node 
connects to said access network via a remote network (Boden, fig. 4 item 42). 

1 0. As per claim 1 8, Boden teaches the system further wherein the step of 
establishing said communication tunnel comprises the step of using an IPSec key 
management protocol (Boden, paragraphs 0050-0052 and fig. 9, through the use of 
IPsec). 

11. As per claim 20, Boden teaches the system further wherein said communication 
tunnel is a secure communication tunnel (Boden, paragraphs 0050-0052 and fig. 9, 
through the use of IPsec). 

12. As per claim 21 , Boden teaches the system comprising the step of establishing 
said secure communication tunnel using an IPSec key management protocol (Boden, 
paragraphs 0050-0052 and fig. 9, through the use of IPsec). 

1 3. As per claim 25, Boden teaches a method of connecting a client node to a 
serving network, comprising the steps of: 
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providing an access router having a network connection to at least two serving 
networks; {Boden, paragraph 0039; see fig. 4 item 52) 

receiving from said client node serving network information specifying a serving 
network to which said client node desires to have access; {Boden, paragraphs 0062- 
0072) 

establishing a communication tunnel between said client node and said access 
router through said access network, such that said client node is able to send and 
receive data packets to and from the serving network specified by said client node 
within said communication tunnel through said access network; and {Boden, paragraphs 
0073-0076; fig. 5 and 12) 

binding said communication tunnel to said specified serving network by using 
serving network information of said specified serving network as a security association 
identifier of said communication tunnel {Boden, paragraph 0044 and figure 9 SA 
identifier). 

14. As per claim 26, Boden teaches the system further wherein said communication 
tunnel is a secure communication tunnel {Boden, paragraphs 0050-0052 and fig. 9, 
through the use of IPsec). 

1 5. As per claim 27, Boden teaches the system further comprising the step of 
establishing said secure communication tunnel using an IPSec key management 
protocol {Boden, paragraphs 0050-0052 and fig. 9, through the use of IPsec). 
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Claim Rejections - 35 USC § 103 

16. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

17. Claim 3 is rejected under 35 U.S.C. 103(a) as being unpatentable over Boden et 
al. (U.S. PGPub 2003/0145104) and Sakovetal. (US PGPub 2002/0196802, 
hereinafter "Sakov"). 

18. As per claim 3, Boden teaches the above yet fails to teach the system comprising 
the step of providing a second access router having a network connection to said 
access network and having network connections to at least two serving networks. 

Sakov teaches the use of multiple access routers having network connections to 
an original access network and multiple serving networks {Sakov, paragraph 0029- 
0035). 

It would have been obvious to one of ordinary skill in the art, at the time the 
invention was made, to have combined Boden and Sakov to provide the access routers 
of Sakov in the system of Boden, because doing so would allow the aggregation of any 
excessive routers and would increase performance {Sakov, paragraphs 0013-0015) 
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19. Claims 8, 11, 12, 14-16, and 19 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Boden etal. (U.S. PGPub 2003/0145104) and Forslow (U.S. PGPub 
2002/0069278, hereinafter "Forslow"). 

20. As per claim 8, Boden teaches the above yet fails to teach wherein said step of 
sending serving network provider advertising information comprises the step of using a 
Router Discovery mechanism. 

Forslow teaches authenticating clients prior to establishing IPSec secure 
communication tunnels (Forslow, paragraphs 0093 and 0108) in a wireless VLAN 
network (Forslow, paragraph 0094) that utilizes a Router Discovery mechanism 
(Forslow, claim 85). 

It would have been obvious to one of ordinary skill in the art, at the time the 
invention was made, to have combined Boden and Forslow to provide the networking 
system of Forslow in the system of Boden, because doing so would enable the benefits 
of a mobile virtual private network providing secure client data access in an IPsec based 
system (Forslow, paragraph 0065). 

21 . As per claim 1 1 , Boden teaches the above yet fails to teach wherein said at least 
one serving network comprises a VLAN network. 

Forslow teaches authenticating clients prior to establishing IPSec secure 
communication tunnels (Forslow, paragraphs 0093 and 0108) in a wireless VLAN 
network (Forslow, paragraph 0094). 



Application/Control Number: 1 0/761 ,347 Page 1 0 

Art Unit: 2141 

It would have been obvious to one of ordinary skill in the art, at the time the 
invention was made, to have combined Boden and Forslow to provide the networking 
system of Forslow in the system of Boden, because doing so would enable the benefits 
of a mobile virtual private network providing secure client data access in an IPsec based 
system (Forslow, paragraph 0065). 

22. As per claim 1 2, Boden-Forslow teaches the system further comprising the step 
of providing a virtual access point in said VLAN serving network, through which a client 
node may connect directly to said VLAN serving network (Forslow, paragraph 0094). 

23. As per claim 14, Boden teaches the above yet fails to teach wherein said access 
network comprises a VLAN access network. 

Forslow teaches authenticating clients prior to establishing IPSec secure 
communication tunnels (Forslow, paragraphs 0093 and 0108) in a wireless VLAN 
network (Forslow, paragraph 0094). 

It would have been obvious to one of ordinary skill in the art, at the time the 
invention was made, to have combined Boden and Forslow to provide the networking 
system of Forslow in the system of Boden, because doing so would enable the benefits 
of a mobile virtual private network providing secure client data access in an IPsec based 
system (Forslow, paragraph 0065). 
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24. As per claim 1 5, Boden-Forslow teaches the system further wherein said VLAN 
access network is partitioned into multiple VLAN access sub-networks (Forslow, 
paragraph 0104). 

25. As per claim 1 6, Boden-Forslow teaches the system further comprising the step 
of providing a virtual access point in said VLAN access network, through which a client 
node may connect to said VLAN access network (Forslow, paragraph 0094). 

26. As per claim 1 9, Boden teaches the above yet fails to teach wherein said client 
node is a mobile node, and said network connection of said client node to said access 
network is a wireless connection. 

Forslow teaches authenticating clients prior to establishing IPSec secure 
communication tunnels (Forslow, paragraphs 0093 and 0108) in a wireless VLAN 
network (Forslow, paragraph 0094). 

It would have been obvious to one of ordinary skill in the art, at the time the 
invention was made, to have combined Boden and Forslow to provide the networking 
system of Forslow in the system of Boden, because doing so would enable the benefits 
of a mobile virtual private network providing secure client data access in an IPsec based 
system (Forslow, paragraph 0065). 
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27. Claim 7 is rejected under 35 U.S.C. 103(a) as being unpatentable over Boden et 
al. (U.S. PGPub 2003/0145104) and Le et al. (US PGPub 2004/0019664, hereinafter 
"Le"). 



28. As per claim 7, Boden teaches the above yet fails to teach wherein said step of 
sending serving network provider advertising information comprises the step of using a 
PANA protocol. 

Le teaches the use of a PANA protocol in advertising network elements {Le, 
paragraphs 0039-0044). 

It would have been obvious to one of ordinary skill in the art, at the time the 
invention was made, to have combined Boden and Le to provide the PANA protocol of 
Le in the system of Boden, because doing so would enable PANA based 
advertisements. 
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(10) Response to Argument 

In the Argument, appellant argued in substance that 

(A) In the Boden reference, a tunnel is a VPN connection between access 
routers and not between a client node and an access router. Accordingly, the VPN 
tunnel in Boden resides outside of any of the access networks whereas the tunnel in the 
present application resides within an access network. 

As to point (A), the relevant claim language states "establishing a communication 
tunnel between said client node and said access router through said access network, 
such that said client node is able to send and receive data packets to and from the 
serving network specified by said client node within said communication tunnel through 
said access network." Thus, the claim requires that a client send and receive data 
packets through a communication tunnel through an access network. 

Boden teaches an access network to which a client has a network connection 
that provides an access router with an access network and serving network (see the 
network structure of fig. 4 and paragraph 0039). If the client node initiates a connection, 
a communication tunnel is established where the client node is able to send and receive 
data packets to the specified destination (Boden, see fig. 13 steps 188-194 where the 
advertising information in step 181 is forwarded to node A1 to establish the connection). 
A tunnel is established between the client and access router such that the client is able 
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to send data to and from the serving network specified within said communication tunnel 
(Boden, paragraphs 0073-0076; figs. 5 and 12; see also use of AH, ESP, and other 
header information in paragraph 0062). 

As to the argument regarding the location of the tunnel, Boden shows an 
example network in fig. 4. The Node A1 47 in fig. 4 would transmit data packets 
through VPN Gateway A 52 and VPN Gateway B 54 in order to reach Node 48 of 
Network B. If the tunnel is established between Gateway 52 and 54, then the tunnel is 
still "established between said client node and said access router" (emphasis added) as 
per the language of the claims. Further, no evidence is offered as to how the tunnel in 
Boden exists outside of an access network when the entire network implementation in 
Boden is designed to provide access to client nodes (see, e.g., fig. 4 architecture and 
using a reasonable interpretation of "access network" to constitute a network that 
provides communication access). 

(B) Boden fails to teach sending serving network provider advertising information 
to said client node. At best, Boden sends a new source IP address that provides no 
information regarding the serving network, let alone serving network provider 
information. The address is selected from a pool at the receiving gateway of reserved 
IP addresses, so there is no way for the receiving client to assess anything about the 
serving network provider based on the address. 
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As to point (B), the claim language requires the transmission of "serving network 
provider advertising information" to a client. Given a reasonable interpretation of this 
language, the system must send some form of information that advertises a network 
that provides service. 

Boden teaches an incoming IPsec'd packet 100 containing network provider 
information (i.e., advertising) that is received at the access router {Boden, paragraph 
0062). The access router, in order to avoid conflict due to overlapping remote address 
spaces, may make modifications to the incoming advertisement information so that 
conflicts do not occur on the destination network (see Boden paragraphs 0062-0072 
and the connection process detailed in Table 3 where gateway A modifies the 
advertisement information to be compatible with node A1 's network). The access router 
then allows this information to continue on to the client node. The client node responds 
if a connection is desired, and if so, a communication tunnel is established where the 
client node is able to send and receive data packets to the desired destination {Boden, 
see fig. 13 steps 188-194 where the advertising information in step 181 is forwarded to 
node A1 to establish the connection). 

While in certain situations Boden's system may make modifications (see 
paragraph 0062 where a check is done to determine if source-in is necessary), the 
claim language is directed to sending information to a client node without limitation on 
the changes made during transmission. Further, no structure or definition is given in the 
independent claim language as to the type of advertising information that must be sent 
to the client node. 
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(C) The final rejection mailed May 22nd, 2007, was improperly made final 
because it contained a new ground of rejection. The fact that a typographical error was 
made was not apparent to the appellant. 

As to point (C), the non-final office action mailed December 21st, 2006, rejected 
the claims under 35 U.S.C. §102 using the Boden reference. The subsequent final 
office action also rejected the claims under 35 U.S.C. §102 using the Boden reference. 
No new grounds of rejection were applied. 

A typographical error was made in the first office action listing subsection (b) as 
the relevant basis of §102 when in fact subsection (e) contained the proper text. This 
was noted and corrected in the final office action. As to the argument that this was not 
apparent to the appellant, the examiner respectfully submits that the response to the 
non-final office action contained substantive arguments concerning the merits of the 
Boden reference as a valid 102(e) anticipatory reference (see March 21st, 2007 
response, pgs. 5-7). Therefore, any potential error was harmless. 
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(11) Related Proceeding(s) Appendix 

No decision rendered by a court or the Board is identified by the examiner in the 
Related Appeals and Interferences section of this examiner's answer. 



Respectfully submitted, 
/N. TV 

Nicholas Taylor 
Examiner, Art Unit 2141 



Conferees: 
Jason Cardone 



/Jason D Cardone/ 
Supervisory Patent Examiner, Art Unit 2145 



/Rupal D. Dharia/ 
Supervisory Patent Examiner, Art Unit 2141 



